Am 19.03.26 um 15:12 schrieb Greg Troxel:
It would be nice if openvpn's TCP support could somehow be over https and a prefix within the webroot (or vhost, if it must be). I think I'm asking for "openvpn over https" instead of "openvpn over tcp". But we're arriving to a world where https to 443 works and much else is blocked.
I suppose that one could configure nginx so as to offer a password(?)-protected HTTP CONNECT to the OpenVPN server, and tell the client-side OpenVPN to use that as a proxy.
*Or* you could use --bind to make the client use a specific *source* port, hoping that it won't get SNATed away on the Internet uplink, and use that "identifier" and iptables rules so as to have "home base" DNAT the connection to the OpenVPN server instead of the nginx ...
Kind regards, -- Jochen Bern Systemingenieur Binect GmbH
smime.p7s
Description: Kryptografische S/MIME-Signatur
_______________________________________________ Openvpn-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-users
